diff --git a/docker-compose.dev.yaml b/docker-compose.dev.yaml
index 254ea7a..26eedfc 100644
--- a/docker-compose.dev.yaml
+++ b/docker-compose.dev.yaml
@@ -79,6 +79,7 @@ services:
       ASPNETCORE_URLS: "http://0.0.0.0:8080"
       DOTNET_RUNNING_IN_CONTAINER: "true"
       DB_CONNECTION_STRING: "${DB_CONNECTION_STRING}"
+      JWT_SECRET: "${JWT_SECRET}"
     restart: unless-stopped
     networks:
       - devnet
diff --git a/docker-compose.prod.yaml b/docker-compose.prod.yaml
index 7efaaba..eccbf98 100644
--- a/docker-compose.prod.yaml
+++ b/docker-compose.prod.yaml
@@ -59,6 +59,7 @@ services:
       DOTNET_RUNNING_IN_CONTAINER: "true"
       MASTER_DB_CONNECTION_STRING: "${MASTER_DB_CONNECTION_STRING}"
       DB_CONNECTION_STRING: "${DB_CONNECTION_STRING}"
+      JWT_SECRET: "${JWT_SECRET}"
     restart: unless-stopped
     networks:
       - prodnet
diff --git a/docker-compose.test.yaml b/docker-compose.test.yaml
index d31390d..08e93b7 100644
--- a/docker-compose.test.yaml
+++ b/docker-compose.test.yaml
@@ -73,6 +73,7 @@ services:
     environment:
       DOTNET_RUNNING_IN_CONTAINER: "true"
       DB_CONNECTION_STRING: "${TEST_DB_CONNECTION_STRING}"
+      JWT_SECRET: "${JWT_SECRET}"
     volumes:
       - ./test-results:/app/test-results
     restart: "no"
@@ -93,6 +94,7 @@ services:
     environment:
       DOTNET_RUNNING_IN_CONTAINER: "true"
       DB_CONNECTION_STRING: "${TEST_DB_CONNECTION_STRING}"
+      JWT_SECRET: "${JWT_SECRET}"
     volumes:
       - ./test-results:/app/test-results
     restart: "no"
diff --git a/src/Core/Service/Service.Core/Services/JwtService.cs b/src/Core/Service/Service.Core/Services/JwtService.cs
index c881e70..197dd21 100644
--- a/src/Core/Service/Service.Core/Services/JwtService.cs
+++ b/src/Core/Service/Service.Core/Services/JwtService.cs
@@ -1,3 +1,4 @@
+using System;
 using System.Security.Claims;
 using System.Text;
 using Microsoft.Extensions.Configuration;
@@ -6,14 +7,13 @@ using Microsoft.IdentityModel.Tokens;
 using JwtRegisteredClaimNames = System.IdentityModel.Tokens.Jwt.JwtRegisteredClaimNames;
 
 namespace ServiceCore.Services;
-public class JwtService(IConfiguration config) : IJwtService
+public class JwtService : IJwtService
 {
-    // private readonly string? _secret = config["Jwt:Secret"];
-    private readonly string? _secret = "128490218jfklsdajfdsa90f8sd0fid0safasr31jl2k1j4AFSDR!@#$fdsafjdslajfl";
+    private readonly string? _secret = Environment.GetEnvironmentVariable("JWT_SECRET");
     public string GenerateJwt(Guid userId, string username, DateTime expiry)
     {
         var handler = new JsonWebTokenHandler();
-        
+
         var key = Encoding.UTF8.GetBytes(_secret ?? throw new InvalidOperationException("secret not set"));
 
         // Base claims (always present)
@@ -35,4 +35,4 @@ public class JwtService(IConfiguration config) : IJwtService
 
         return handler.CreateToken(tokenDescriptor);
     }
-}
\ No newline at end of file
+}